should login.defs allow explicit specification of secure ttys?
I was just about to send this to bugs with a severity of "wishlist" but
then I figured maybe I'd throw it out here first.
Package: login
Version: 19990827-20
Severity: wishlist
Hello. I was reading the login.defs man page and noted this:
CONSOLE /etc/consoles
or a colon-delimited list of terminal lines such
as:
CONSOLE console:tty01:tty02:tty03:tty04
If a pathname is given, each line of the file
should specify one terminal line. If this parame
ter is not defined or the specified file does not
exist, then root logins will be allowed from any
terminal line. Because the removal of this file,
or its truncation, could result in unauthorized
root logins, this file must be protected. Where
security is critical, the colon-separated form
should be used to prevent this potential method of
attack.
My first point is that this really isn't correct since we use the
/etc/securetty mechanism via PAM.
Second issue, is that as the note in the man page states, there really
is a (small) security benefit to being able to list the ttys in
login.defs.
Otoh, one could say "someone who could remove or truncate /etc/securetty
could just as easily remove or truncate /etc/login.defs" which is a good
point.
I'd appreciate your view on this. :) Thanks.
Reply to: